Skip to content

cargo: bump the patch group across 1 directory with 7 updates#3194

Merged
qwandor merged 1 commit into
mainfrom
dependabot/cargo/patch-ee97f03ea0
Jun 1, 2026
Merged

cargo: bump the patch group across 1 directory with 7 updates#3194
qwandor merged 1 commit into
mainfrom
dependabot/cargo/patch-ee97f03ea0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 1, 2026
edited
Loading

Bumps the patch group with 7 updates in the / directory:

Package From To
log 0.4.29 0.4.30
serde_json 1.0.149 1.0.150
pulldown-cmark 0.13.3 0.13.4
zerocopy 0.8.48 0.8.50
http 1.4.0 1.4.1
tokio 1.52.1 1.52.3
reqwest 0.13.3 0.13.4

Updates log from 0.4.29 to 0.4.30

Release notes

Sourced from log's releases.

0.4.30

What's Changed

New Contributors

Full Changelog: rust-lang/log@0.4.29...0.4.30

Notable Changes

Changelog

Sourced from log's changelog.

[0.4.30] - 2026-05-21

What's Changed

New Contributors

Full Changelog: rust-lang/log@0.4.29...0.4.30

Notable Changes

Commits
  • 9c55760 Merge pull request #725 from rust-lang/cargo/0.4.30
  • d1acb05 update docs on current MSRV and note latest bump in changelog
  • 5068293 prepare for 0.4.30 release
  • 7ccd873 Merge pull request #724 from rust-lang/feat/net-to-value
  • 923dfaa fix up test cfgs
  • ecb7de8 gate net value impls on std
  • 67bb4f6 run fmt
  • 25f49fe rework net type capturing
  • 7087dcb feat: impl ToValue for core::net types
  • 67bc7e3 Merge pull request #723 from woodruffw-forks/ww/ci
  • Additional commits viewable in compare view

Updates serde_json from 1.0.149 to 1.0.150

Release notes

Sourced from serde_json's releases.

v1.0.150

Commits
  • a1ae73a Release 1.0.150
  • 1a360b0 Merge pull request #1324 from puneetdixit200/reject-non-string-enum-keys
  • 2037b63 Reject non-string enum object keys
  • 5d30df6 Resolve manual_assert_eq pedantic clippy lint
  • dc8003a Raise required compiler for preserve_order feature to 1.85
  • a42fa98 Unpin CI miri toolchain
  • 684a60e Pin CI miri to nightly-2026-02-11
  • 7c7da33 Raise required compiler to Rust 1.71
  • acf4850 Simplify Number::is_f64
  • 6b8ceab Resolve unnecessary_map_or clippy lint
  • Additional commits viewable in compare view

Updates pulldown-cmark from 0.13.3 to 0.13.4

Release notes

Sourced from pulldown-cmark's releases.

0.13.4

Fix panic in specific cases with TightParagraph.

What's Changed

Full Changelog: pulldown-cmark/pulldown-cmark@v0.13.3...v0.13.4

Commits
  • 38e4d08 chore: cargo update
  • 9c61031 chore: bump pulldown-cmark version to 0.13.4
  • 709268f Merge pull request #1096 from pulldown-cmark/fix-1095
  • c1d4450 Add test case from 1097
  • 6fea453 fix: panic in parser iterator for TightParagraph in some cases
  • See full diff in compare view

Updates zerocopy from 0.8.48 to 0.8.50

Release notes

Sourced from zerocopy's releases.

v0.8.50

What's Changed

Full Changelog: google/zerocopy@v0.8.49...v0.8.50

v0.8.49

What's Changed

New Contributors

Full Changelog: google/zerocopy@v0.8.48...v0.8.49

v0.8.49-alpha

What's Changed

Full Changelog: google/zerocopy@anneal-v0.1.0-alpha.23...v0.8.49-alpha

Commits

Updates http from 1.4.0 to 1.4.1

Release notes

Sourced from http's releases.

v1.4.1

tl;dr

  • Fix PathAndQuery::from_static() and from_shared() to reject inputs that do not start with /.
  • Fix Extend for HeaderMap to clamp max size hint and not overflow.
  • Fix header::IntoIter that could use-after-free if the generic value type could panic on drop.
  • Fix header::{IterMut, ValuesIterMut} to not violate stacked borrows.

What's Changed

New Contributors

Full Changelog: hyperium/http@v1.4.0...v1.4.1

Changelog

Sourced from http's changelog.

1.4.1 (May 25, 2026)

  • Fix PathAndQuery::from_static() and from_shared() to reject inputs that do not start with /.
  • Fix Extend for HeaderMap to clamp max size hint and not overflow.
  • Fix header::IntoIter that could use-after-free if the generic value type could panic on drop.
  • Fix header::{IterMut, ValuesIterMut} to not violate stacked borrows.
Commits
  • a24c968 v1.4.1
  • bc3b044 fix(header): use a set_len guard in IntoIter drop (#838)
  • 1b968dc fix(header): fix stacked borrows for IterMut/ValuesIterMut (#837)
  • 6e2dd42 fix: clamp Extend size hint so HeaderMap reserve cannot overflow (#833)
  • 68e0abb docs: fix typo in request builder docs (#831)
  • 29dd307 docs(extensions): rephrase internal comment (#827)
  • ae48fb5 fix(uri): reject Path::from_shared/from_static if doesn't start with slash (#...
  • 1ad200e refactor(uri): consolidate PathAndQuery::from_shared and from_static (#825)
  • d59d939 refactor: Remove usage of float instruction (#823)
  • ed680c4 tests: update to rand 0.10 (#818)
  • Additional commits viewable in compare view

Updates tokio from 1.52.1 to 1.52.3

Release notes

Sourced from tokio's releases.

Tokio v1.52.3

1.52.3 (May 8th, 2026)

Fixed

  • sync: fix underflow in mpsc channel len() (#8062)
  • sync: notify receivers in mpsc OwnedPermit::release() method (#8075)
  • sync: require that an RwLock has max_readers != 0 (#8076)
  • sync: return Empty from try_recv() when mpsc is closed with outstanding permits (#8074)

#8062: tokio-rs/tokio#8062 #8074: tokio-rs/tokio#8074 #8075: tokio-rs/tokio#8075 #8076: tokio-rs/tokio#8076

Tokio v1.52.2

1.52.2 (May 4th, 2026)

This release reverts the LIFO slot stealing change introduced in 1.51.0 (#7431), due to [its performance impact]#8065. (#8100)

#7431: tokio-rs/tokio#7431 #8065: tokio-rs/tokio#8065 #8100: tokio-rs/tokio#8100

Commits

Updates reqwest from 0.13.3 to 0.13.4

Release notes

Sourced from reqwest's releases.

v0.13.4

tl;dr

  • Add ClientBuilder::tls_sslkeylogfile(bool) option to allow using the related environment variable.
  • Add ClientBuilder::http2_keep_alive_* options for the blocking client.
  • Add TLS 1.3 support when using native-tls backend.
  • Fix redirect handling to strip sensitive headers when the scheme changes.
  • Fix HTTP/3 happy-eyeball connection creation.
  • Upgrade hickory-resolver to 0.26.

What's Changed

New Contributors

Full Changelog: seanmonstar/reqwest@v0.13.3...v0.13.4

Changelog

Sourced from reqwest's changelog.

v0.13.4

  • Add ClientBuilder::tls_sslkeylogfile(bool) option to allow using the related environment variable.
  • Add ClientBuilder::http2_keep_alive_* options for the blocking client.
  • Add TLS 1.3 support when using native-tls backend.
  • Fix redirect handling to strip sensitive headers when the scheme changes.
  • Fix HTTP/3 happy-eyeball connection creation.
  • Upgrade hickory-resolver to 0.26.
Commits
  • 11489b3 v0.13.4
  • d31ffbb feat: Expose HTTP2 keep alive configurations in blocking client (#3043)
  • 79ed0d7 feat: support TLS 1.3 as min version under native-tls 🎉 (#2975)
  • fb7bf6a fix: remove unwrap in hickory initialization (#3041)
  • 3da616f fix: update hickory-resolver to 0.26 and adjust code accordingly (#3040)
  • c77e7b2 fix(http3): use happy eyeballs for h3 connect (#3030)
  • 9cbb65b chore: clean up minimal-versions CI job (#3039)
  • 17a7dc5 chore: upgrade MSRV to 1.85 (#3038)
  • 03db63a fix(redirect): strip sensitive headers on scheme change across redirects (#3034)
  • 4b813a8 feat: add tls_sslkeylogfile builder method (#2923)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Jun 1, 2026
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Jun 1, 2026
@qwandor qwandor enabled auto-merge (squash) June 1, 2026 10:05
@dependabot
cargo: bump the patch group across 1 directory with 7 updates
9ac46c9 
Bumps the patch group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [log](https://github.com/rust-lang/log) | `0.4.29` | `0.4.30` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.149` | `1.0.150` |
| [pulldown-cmark](https://github.com/raphlinus/pulldown-cmark) | `0.13.3` | `0.13.4` |
| [zerocopy](https://github.com/google/zerocopy) | `0.8.48` | `0.8.50` |
| [http](https://github.com/hyperium/http) | `1.4.0` | `1.4.1` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.52.1` | `1.52.3` |
| [reqwest](https://github.com/seanmonstar/reqwest) | `0.13.3` | `0.13.4` |



Updates `log` from 0.4.29 to 0.4.30
- [Release notes](https://github.com/rust-lang/log/releases)
- [Changelog](https://github.com/rust-lang/log/blob/master/CHANGELOG.md)
- [Commits](rust-lang/log@0.4.29...0.4.30)

Updates `serde_json` from 1.0.149 to 1.0.150
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](serde-rs/json@v1.0.149...v1.0.150)

Updates `pulldown-cmark` from 0.13.3 to 0.13.4
- [Release notes](https://github.com/raphlinus/pulldown-cmark/releases)
- [Commits](pulldown-cmark/pulldown-cmark@v0.13.3...v0.13.4)

Updates `zerocopy` from 0.8.48 to 0.8.50
- [Release notes](https://github.com/google/zerocopy/releases)
- [Changelog](https://github.com/google/zerocopy/blob/main/CHANGELOG.md)
- [Commits](google/zerocopy@v0.8.48...v0.8.50)

Updates `http` from 1.4.0 to 1.4.1
- [Release notes](https://github.com/hyperium/http/releases)
- [Changelog](https://github.com/hyperium/http/blob/master/CHANGELOG.md)
- [Commits](hyperium/http@v1.4.0...v1.4.1)

Updates `tokio` from 1.52.1 to 1.52.3
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](tokio-rs/tokio@tokio-1.52.1...tokio-1.52.3)

Updates `reqwest` from 0.13.3 to 0.13.4
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.13.3...v0.13.4)

---
updated-dependencies:
- dependency-name: http
  dependency-version: 1.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: log
  dependency-version: 0.4.30
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: pulldown-cmark
  dependency-version: 0.13.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: reqwest
  dependency-version: 0.13.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: serde_json
  dependency-version: 1.0.150
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: tokio
  dependency-version: 1.52.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch
- dependency-name: zerocopy
  dependency-version: 0.8.50
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title cargo: bump the patch group with 7 updates cargo: bump the patch group across 1 directory with 7 updates Jun 1, 2026
@dependabot dependabot Bot force-pushed the dependabot/cargo/patch-ee97f03ea0 branch from 3fb90e5 to 9ac46c9 Compare June 1, 2026 10:08
@qwandor qwandor merged commit 1a3101a into main Jun 1, 2026
43 checks passed
@qwandor qwandor deleted the dependabot/cargo/patch-ee97f03ea0 branch June 1, 2026 10:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@qwandor qwandor qwandor approved these changes

@djmitche djmitche Awaiting requested review from djmitche djmitche is a code owner

@mgeisler mgeisler Awaiting requested review from mgeisler mgeisler is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@qwandor